With the cyberthreat landscape continuing to intensify, and regulations such as the Payment Card Industry Data Security Standard (PCI DSS) and the EU General Data Protection Regulation raising the cybersecurity standards requirements for compliance, the WAF market has been projected to reach $13.8 billion by 2027. In addition to commercial solutions, the open source project ModSecurity was formed in 2002 by Trustwave’s SpiderLabs to expand access to both WAF technology and a standard set of rules to protect against the Open Web Application Security Project’s (OWASP) annual web application vulnerability Top-10 List. By monitoring incoming and outgoing traffic between systems or networks based on a set of rules, a firewall enables an organization to reduce the risk of attacks or breaches.Īs web applications became more common in the late 1990s, and web server attacks increased accordingly, security vendors introduced dedicated WAF devices to reduce the risk associated with these more publicly exposed applications.
The Development of the Web Application Firewallįirewalls have been a foundational element of network security since the early days of widespread internet connectivity. Deployed as a standalone hardware or software device, or through an application delivery controller (ADC) or server load balancing (SLB) solution, a WAF helps prevent attacks exploiting vulnerabilities such as SQL injection, cross-site scripting (XSS), cross-site request forgery, and improper system configuration. As these applications become more prevalent, organizations have deployed WAF functionality to inspect network traffic at the application layer, a more granular level than traditional network firewalls.
Enabling Secure Application Delivery for Web ApplicationsĪ web application firewall (WAF) is a specialized form of application firewall designed to enable secure application delivery for HTTP-based applications.
0 kommentar(er)
